Security Experts:

Connect with us

Hi, what are you looking for?



Growth in Cyber Fraud Attacks Outpacing Growth of Transactions: Report

Cybercrime in 2017

Cybercrime in 2017

The United States is the world’s primary target for cyber fraud attacks. Europe has emerged as the major source of attacks, now accounting for 50% more attacks than the US. The growth in attacks is outpacing the growth of transactions; and in a 90-day period, 130 million fraud attacks were detected.

These details come from the ThreatMetrix Cybercrime Report Q1 2017 (PDF). The report shows that strong economies tend to attack other strong economies, with the USA primarily targeting the USA, Canada and the UK; Germany targeting the USA, the UK and Germany; and the UK targeting the USA, the UK and Ireland. The UK is now one of the world’s largest attack originators.

While this concentration on North America and Europe is partly driven by the expectation of richer targets, it is probably also affected by attackers concentrating on areas where they already understand the local banking and finance methodologies.

The figures come from ThreatMetrix’s analysis of ‘high-risk’ transactions found among the nearly 2 billion transactions it monitors every month. It shows a growth in mobile transactions, a growth in the sophistication of attacks, and an increase of around 23% in the figures from the same period in 2016.

“The complexity and speed of evolving attack vectors continues to take us by surprise,” commented Vanita Pandey, vice president of product marketing at ThreatMetrix. “Fraudsters are operating within a much broader cybercrime landscape; one that shares knowledge, tools and exploits; trades information, tests and refines and constantly analyzes the market for new opportunities.”

Partly this is being driven by the availability of huge volumes of user credentials stolen over the last few years and now readily available on the internet. Although breached organizations are quick to claim that their stolen data was encrypted or hashed, “what is clear,” says the report, “is that identity data is the critical currency in global cybercrime, as fraudsters piece together full and convincing identities which are then used to perpetrate large-scale attacks.”

“Cybercrime,” it adds, “is becoming increasingly automated, sophisticated and is scaling exponentially through well organized crime rings with access to large-scale networks of infected devices available at their disposal to inundate online systems with large volumes of fraudulent transactions. They also use scripts (often in conjunction with bots) to perpetrate such transactions.”

Fintech, unsurprisingly, is a major target. This is set against a background of increasing mobility, digital wallets and online remittances. Digital wallet transactions grew by 80% year-on-year, with a 180% increase in associated bot attacks. “Loan stacking and bustout scenarios are common attack vectors,” explains ThreatMetrix, “where fraudsters capitalize on time delays inherent in reporting loan agreements to credit bureaus. Stolen identity credentials and device spoofing techniques allow cybercriminals to bypass even complex application procedures.”

The company warns that attackers have a wide range of attack vectors and tools at their disposal. “Fraudsters have a gamut of threat vectors at their disposal to perpetrate fraud, including Malware, remote access Trojans (RATs), Man-in-the-Middle attacks and automated bot attacks. These are often used in combination to perform mass identity testing attacks (via an advanced bot), and then take over a trusted user account via a Man-in-the-Middle attack and/or RAT.”

Pandey comments, “We saw a number of high-profile global breaches over the last year. Identities are being bought, sold, traded and augmented by criminals seeking to improve the success of their increasingly complex attacks. All of this points to one thing: Identities are the critical currency in cybercrime this year and it is up to businesses to look beyond static data to check that users are who they say they are.”

ThreatMetrix has raised more than $90 million in funding, including $20 million in Series E funding in March 2014, and $30 million in growth funding from Silicon Valley Bank in October 2016.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...